Marsu Pilami

**Name of the Vulnerable Software and Affected Versions** Microsoft Office PowerPoint (affected versions not specified) **Description** A remote code execution issue exists in Microsoft Office PowerPoint due to its handling of specially crafted PowerPoint files. An attacker could exploit this by creating a specially crafted file, which could be sent as an email attachment or hosted on a specially crafted or compromised website. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office PowerPoint (affected versions not specified) **Description** A remote code execution issue exists in Microsoft Office PowerPoint due to its handling of specially crafted PowerPoint files. An attacker could exploit this by creating a specially crafted file that could be sent as an email attachment or hosted on a compromised website. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office PowerPoint (affected versions not specified) **Description** A remote code execution issue exists in Microsoft Office PowerPoint due to its handling of specially crafted PowerPoint files. An attacker could exploit this by creating a specially crafted file that could be sent as an email attachment or hosted on a specially crafted or compromised website. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office PowerPoint versions 2000 SP3 through 2003 SP3 **Description** A remote code execution issue exists in the way Microsoft Office PowerPoint handles specially crafted files, potentially leading to memory corruption. This can be exploited by an attacker creating a specially crafted PowerPoint file, which could be sent as an email attachment or hosted on a compromised website. **Recommendations** For Microsoft Office PowerPoint versions 2000 SP3 through 2003 SP3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office PowerPoint versions 2000 SP3 through 2003 SP3 **Description** A remote code execution issue exists in the way Microsoft Office PowerPoint handles specially crafted PowerPoint files, potentially allowing attackers to execute arbitrary code. This is due to multiple stack-based buffer overflows in the PowerPoint 95 importer. An attacker could exploit this by creating a specially crafted PowerPoint file that could be included as an e-mail attachment or hosted on a specially crafted or compromised Web site. **Recommendations** For Microsoft Office PowerPoint versions 2000 SP3 through 2003 SP3, update to a version that includes the fix for this issue to prevent remote code execution. As a temporary workaround, consider restricting the handling of PowerPoint 95 native file format files until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office PowerPoint 2000 SP3 Microsoft Office PowerPoint 2002 SP3 Microsoft Office PowerPoint 2003 SP3 Microsoft Office PowerPoint 2004 for Mac **Description** A flaw in Microsoft Office PowerPoint allows remote attackers to execute arbitrary code. This occurs due to the way PowerPoint handles specially crafted PowerPoint files containing an invalid index value within an OutlineTextRefAtom, leading to memory corruption. This issue has been exploited in the wild since April 2009, utilizing the Exploit:Win32/Apptom.gen exploit. The vulnerability is a code injection issue. **Recommendations** Microsoft Office PowerPoint 2000 SP3: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Microsoft Office PowerPoint 2002 SP3: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Microsoft Office PowerPoint 2003 SP3: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Microsoft Office PowerPoint 2004 for Mac: At the moment, there is no information about a newer version that contains a fix for this vulnerability.